Electronic Signatures Guide
This guide will provide assistance to members on the electronic signing of documents, covering the relevant law and potential risks.
Signing electronically can eliminate many of the impractical logistics of signing in wet ink, and allows all parties to sign a document within seconds of being invited to do so.
Third edition
This edition includes updates on the following
- new information on how the implementation of UK eIDAS has created an additional consideration when dealing with international matters (section two)
- section three on how to apply an electronic signature using an appropriately placed signing block, has been expanded
- section six on dealing with annexations, has been extensively updated
The guide will continue to be reviewed and updated as necessary and users of the guide should be aware that amendments may be made in the future.
Guide to electronic signatures
PDF version
Below is a summary of the points to consider when deciding on whether or not to use an electronic signature.
A signature is simply a way of providing evidence that a person agreed to be bound by the terms of a document or contract.
Under both Scots and English law, the majority of day to day contracts can be created electronically.
The Law Commission for England and Wales last year stated that electronic signatures are valid in most cases. The Law Commission also said that it can see no reason why an English law deed cannot be authenticated electronically, though there are some practical issues when a deed is to be authenticated by way of a witnessed signature.
In Scotland, specific legislation was introduced in 2014 for the electronic authentication of certain documents that must be in writing.
An electronic signature can take many forms – whether using a tick box on web page, sending an email or using some form of secure electronic signature.
When deciding how to sign (or authenticate) electronically, it is essential that a system is used that provides a reasonable level of assurance that the document was authenticated by the person purporting to sign it.
What is appropriate may depend on the nature of the contract or document, the risk of a challenge to the validity of the signature and the consequences of a successful challenge.
For example, simply inserting a JPEG of someone’s wet ink signature into a Word document provides very little assurance.
On the other hand, an online signing platform such as DocuSign or Adobe Sign collects meta data on the signing, including information around the date and time of signing, the email address to which the request to sign was sent, and the IP address of the device. These platforms can also use two factor authentication, where the signatory needs to insert a code that has been sent to a mobile number, which reduces the risk of someone with delegate inbox access signing in someone else’s name.
The most secure form of electronic signature is what is known as a qualified electronic signature (QES). A QES uses cryptography and is issued by a trusted third party who independently validates the entity of the signatory. Some signing platforms offer QES functionality at an additional cost.
The primary areas where simple electronic signatures, such as the standard functionality in DocuSign and Adobe Sign, are not a valid means of signing are in relation to:
- missives and other documents dealing with the transfer of rights in land;
- certain types of guarantees; and
- where (under Scots law) you wish a document to have self-proving status.
Under Scots law, such documents can only be authenticated electronically where an advanced electronic signature (AES) is used or, where self-proving status is required, a qualified electronic signature (QES). The standard signature functionality within the platforms such as DocuSign or Adobe Sign does not meet the requirements for an AES or QES although these platforms, and possibly others, offer AES or QES functionality at an additional cost.
All solicitors registered with the Law Society of Scotland have a QES on their Law Society smartcard, and can therefore authenticate electronically missives and other documents requiring an AES or QES in order to be valid.
There may also be issues where a document needs to be lodged with a registry or relied upon in another jurisdiction.
When looking to use electronic signatures, the following checklist can help:
- Is there any reason that an electronic signature may not be valid for the document you wish to sign?
- Do you need to use a particular form of electronic signature, such as an advanced electronic signature or qualified electronic signature, in order for the signature to be valid?
- If signing electronically, which signing system will you use? If you plan to use a signing platform, are you using additional security features, such as two factor authentication?
- When using a signing platform such as DocuSign or Adobe Sign, one party coordinates signing and issues invitations to the other signatories. Who will do that? If lawyers are involved in the transaction, which firm will take the lead? Agree protocols and procedures in advance.
- Do you need to include any information in your contract or document to state when it will take effect?
- What information will you retain to evidence the signature? Signing platforms usually provide a certificate with the information collected. If you are not coordinating signing, have you requested a copy of that?
This summary is based on a blogpost by Martin Sloan at Brodies LLP and reproduced with permission.
You can find the original version on the Brodies website here.
Martin Sloan is the Chair of the Electronic Signatures Working Group of the Technology Law and Practice Committee.
Electronic Signatures Panel
Special offers to our members